Unable to add/modify nasgroup principal in ONTAP S3 bucket policy with "Failed to look up NAS group"
Applies to
- ONTAP 9.14.1+
- ONTAP S3 storage VM
- LDAP fast bind mode for S3 user authentication
Issue
- Unable to add/modify a nasgroup principal in the 'bucket policy' and receiving error "Failed to look up NAS group"
- Command and error example
-
filer::> bucket policy add-statement -vserver svm1_cluster1 -bucket svm1-bucket -effect allow -action GetObject -principal nasgroup/noGidDef (vserver object-store-server bucket policy add-statement) Error: command failed: Failed to look up NAS group "nasgroup/noGidDef" specified in the object store bucket policy principal. Unix group-name to gid lookup failed with error: Failed to resolve group name to a UNIX ID. Reason: "SecD Error: object not found". Windows group-name to sid lookup failed with error: Failed to convert Windows name to SID. Reason: "SecD Error: object not found".
-